<cfcomponent extends="tmt_file_io">

	<cffunction name="uploadFile" access="public" output="false" returntype="string" hint="
	Uploads a file on the server using HTTP. 
	File upload with ColdFusion can be pretty straightforward, but a robust file upload application should consider many security issues 
	and throw exceptions back to the caller in order to have the opportunity of handling them gracefully 
	This is the reason why the code may appear more complex than needed, it just handles many special cases and potential exceptions.
	The method reset the value of form.filefield making it equal to the name of the file saved on the server 
	This way the file's name can be easily inserted inside a database (it's also very friendly for Dreamweaver's user)
	">
		<cfargument name="fileField" type="string" required="true" hint="The name of the form file field">
		<cfargument name="destination" type="string" required="false" default="#ExpandPath(".")#" hint="Absolute directory path of a directory where the file will be stored. Default to current folder">
		<cfargument name="maxsize" type="numeric" required="false" default="100" hint="Maximum file size allowed (kb). Default to 100">
		<cfargument name="mimetypes" type="string" required="false" default="image/*" hint="Comma delimited list of mime types allowed. Default to image/*">
		<cfargument name="nameconflict" type="string" required="false" default="makeunique" hint="Action to take if filename is the same as that of a file in the directory. Default to makeunique">
		<cfset var uploadResults = "">
		<!--- Convert maxsize (kb) in bytes --->
		<cfset var fileMaxSize = arguments.maxsize*1024>
		<cfset var exceptionNoSave = "">
		<cfset var exceptionGeneric = "">
		<cfset var exceptionServerSize = "">
		<cfset var fullServerPath = "">
		<cfset var safeFullServerPath = "">
		<cfset checkDirectoryPath(arguments.destination)>
		<!--- Start error messages --->
		<cfsavecontent variable="exceptionNoSave">
			tmt_file_io: an error occurred during the file upload process. This is likely due to one of the reasons below: 
			The MIME type of the uploaded file was not accepted by the server.
			<cfif arguments.nameconflict EQ "Error">
			A file with the same name already exist on the server.
			</cfif>
			Please verify that you are uploading a file of the appropriate type.
			The application doesn't have the correct permissions on the server
		</cfsavecontent>
		<cfsavecontent variable="exceptionGeneric">
			tmt_file_io: an error occurred during the file upload process
		</cfsavecontent>
		<cfsavecontent variable="exceptionServerSize">
			tmt_file_io: the uploaded file size is greater than <cfoutput>#arguments.maxsize#</cfoutput> kilobytes which is the maximum size allowed
		</cfsavecontent>
		<!--- End error messages --->
		<cftry>
			<cffile action="upload" filefield="#arguments.fileField#" destination="#arguments.destination#" nameconflict="#arguments.nameconflict#" accept="#arguments.mimetypes#" result="uploadResults">
			<cfcatch type="any">
				<!--- File upload failed. Notify the caller --->
				<cfthrow message="#exceptionNoSave#" detail="#cfcatch.detail#" type="tmt_file_io">
			</cfcatch>
		</cftry>
		<cfif IsDefined("uploadResults.fileWasSaved")>
			<cfset fullServerPath = uploadResults.serverDirectory & variables.separator & uploadResults.serverFile>
			<!--- Check the file size --->
			<cfif uploadResults.fileSize GT fileMaxSize>
				<!--- File is too big. Notify the caller and remove it from the server --->
				<cfset deleteFile(fullServerPath)>
				<cfthrow message="#exceptionServerSize#" type="tmt_file_io">
			</cfif>
			<!--- Remove unsafe chars --->
			<!--- Store the name of the file inside  the form variable --->
			<cfset form[arguments.filefield] = GetFileFromPath(fullServerPath)>
		<cfelse>
			<!--- File was not saved. Notify the caller --->
			<cfthrow message="#exceptionGeneric#" type="tmt_file_io">
		</cfif>
		<cfreturn safeFullServerPath>
	</cffunction>

</cfcomponent>